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Abstract. One central issue in tlie formal design and analysis of reactive systems is the notion of refinement that 
asks whether all behaviors of the implementation is allowed by the specification. The local interpretation of behavior 
leads to the notion of simulation. Alternating transition systems (ATSs) provide a general model for composite 
reactive systems, and the simulation relation for ATSs is known as alternating simulation. The simulation relation 
for fair transition systems is called fair simulation. In this work our main contributions are as follows: ( 1 ) We present 
an improved algorithm for fair simulation with Biichi fairness constraints; our algorithm requires 0{it? ■ m) time 
as compared to the previous known 0(n®) -time algorithm, where n is the number of states and m is the number of 
transitions. (2) We present a game based algorithm for alternating simulation that requires 0(m^ )-time as compared 
to the previous known 0((n • m)^)-time algorithm, where n is the number of states and m is the size of transition 
relation. (3) We present an iterative algorithm for alternating simulation that matches the time complexity of the 
game based algorithm, but is more space efficient than the game based algorithm. 

1 Introduction 

Simulation relation and extensions. One central issue in formal design and analysis of reactive systems is the notion 
of refinement relations. The refinement relation (system A refines system A') intuitively means that every behavioral 
option of A (the implementation) is allowed by A' (the specification). The local interpretation of behavorial option 
in terms of successor states leads to refinement as simulation |14|. The simulation relation enjoys many appealing 
properties, such as it has a denotational characterization, it has a logical characterization and it can be computed in 
polynomial time (as compared to trace containment which is PSPACE-complete). While the notion of simulation was 
originally developed for transition systems 1 14|, it has many important extensions. Two prominent extensions are as 
follows: (a) extension for composite systems and (b) extension for fair transition systems. 

Alternating simulation relation. Composite reactive systems can be viewed as multi-agent systems II15I8L where 
each possible step of the system corresponds to a possible move in a game which may involve some or all component 
moves. We model multi-agent systems as alternating transition systems (ATSs) |T|. In general a multi-agent system 
consists of a set / of agents, but for algorithmic purposes for simulation we always consider a subset /' C / of agents 
against the rest, and thus we will only consider two-agent systems (one agent is the collection /' of agents, and the other 
is the collection of the rest of the agents). Consider the composite systems A\\B and in environment B. The 

relation that A refines A' without constraining the environment B is expressed by generalizing the simulation relation 
to alternating simulation relation |l2|. Alternating simulation also enjoys the appealing properties of denotational 
and logical characterization along with polynomial time computability. We refer the readers to f2\ for an excellent 
exposition of alternating simulation and its applications in design and analysis of composite reactive systems. We 
briefly discuss some applications of alternating simulation relation. Given a composite system with many components, 
the problem of refinement of a component (i.e., a component C can be replaced with its implementation C") without 
affecting the correctness of the composite system is an alternating simulation problem. Similarly, refinement for open 
reactive systems is also an alternating simulation problem. Finally, graph games provide the mathematical framework 
to analyze many important problems in computer science, specially in relation to logic, as there is a close connection 
of automata and graph games (see |16 7| for details). Alternating simulation provides the technique for state space 
reduction for graph games, which is a pre-requisite for efficient algorithmic analysis of graph games. Thus computing 
alternating simulation for ATSs is a core algorithmic question in the formal analysis of composite systems, as well as 
in the heart of efficient algorithmic analysis of problems related to logic in computer science. 

Fair simulation relation. Fair transition systems are extension of transition systems with fairness constraint. A live- 
ness (or weak fairness or Biichi fairness) constraint consists of a set B of live states, and requires that runs of the 



system visit some live state infinitely often. In general the fairness constraint can be a strong fairness constraint instead 
of a liveness constraint. The notion of simulation was extended to fair transition systems as fair simulation 1 10|. It was 
shown in IfTOl that fair simulation also enjoys the appealing properties of denotational and logical characterization, and 
polynomial time computability (see ifTOI for many other important properties and discussion on fair simulation). Again 
the computation of fair simulation with Biichi fairness constraints is an important algorithmic problem for design and 
analysis of reactive systems with liveness requirements. 

Our contributions. In this work we improve the algorithmic complexities of computing fair simulation with Biichi 
fairness constraints and alternating simulation. In the descriptions below we will denote by n the size of the state space 
of systems, and by m the size of the transition relation. Our main contributions are summarized below. 

1 . Fair simulation. First we extend the notion of fair simulation to alternating fair simulation for ATSs with Biichi 
fairness constraints. There are two natural ways of extending the definition of fair simulation to alternating fair 
simulation, and we show that both the definitions coincide. We present an algorithm to compute the alternating 
fair simulation relation by a reduction to a game with parity objectives with three priorities. As a special case of 
our algorithm for fair simulation, we show that the fair simulation relation can be computed in 0{n^ ■ m) time, 
as compared to the previous known 0(n*^)-time algorithm of [10] . Observe that m is at most 0{n?) and thus the 
worst case running time of our algorithm is O(n^). Moreover, in many practical examples systems have constant 
out-degree (for examples see pl) (i.e., m — 0{n)), and then our algorithm requires 0(n'*) time. 

2. Game based alternating simulation. We present a game based algorithm for alternating simulation. Our algorithm 
is based on a reduction to a game with reachability objectives, and requires O(to^) time, as compared to the 
previous known algorithm that requires 0{{n ■ m)^) time [T]. One key step of the reduction is to construct the 
game graph in time linear in the size of the game graph. 

3. Iterative algorithm for alternating simulation. We present an iterative algorithm to compute the alternating sim- 
ulation relation. The time complexity of the iterative algorithm matches the time complexity of the game based 
algorithm, however, the iterative algorithm is more space efficient, (see paragraph on space complexity of Sec- 
tion l4.2l for the detailed comparision). Moreover, both the game based algorithm and the iterative algorithm when 
specialized to transition systems match the best known algorithms to compute the simulation relation. 

We remark that the game based algorithms we obtain for alternating fair simulation and alternating simulation 
are reductions to standard two-player games on graphs with parity objectives (with three priorities) and reachability 
objectives. Since such games are well-studied, standard algorithms developed for games can now be used for compu- 
tation of refinement relations. Our key technical contribution is establishing the correctness of the efficient reductions, 
and showing that the game graphs can be constructed in linear time in the size of the game graphs. For the iterative 
algorithm we establish an alternative characterization of alternating simulation, and present an iterative algorithm that 
simultaneously prunes two relations, without explicitly constructing game graphs (thus saving space), to compute the 
relation obtained by the alternative characterization. 

2 Definitions 

In this section we present all the relevant definitions, and the previous best known results. We present definitions 
of labeled transition systems (Kripke structures), labeled alternating transitions systems (ATS), fair simulation, and 
alternating simulation. All the simulation relations we will define are closed under union (i.e., if two relations are 
simulation relations, then so is their union), and we will consider the maximum simulation relation. We also present 
relevant definitions for graph games that will be later used for the improved results. 

Definition 1 (Labeled transition systems (TS)). A labeled transition system (TS) (Kripke structure) is a tuple K = 
{S, W, w, R, L), where S is a finite set of observations; W is a finite set of states and w is the initial state; R ^ W xW 
is the transition relation; and L : W S is the labeling function that maps each state to an observation. For technical 
convenience we assume that for all w G W there exists w' £ W such that (w, w') € R. 

Runs, fairness constraint, and fair transition systems. For a TS K and a state w G W, a w-run of K is an infinite 
sequence w = wo,wi,W2, ... of states such that wq ^ w and R{wi,Wi+i) for all i > 0. We write Inf(w) for the 
set of states that occur infinitely often in the run w. A run of if is a {y-run for the initial state w. In this work we 
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will consider Biichi fairness constraints, and a Biichi fairness constraint is specified as a set F C W of Biichi states, 
and defines the fair set of runs, where a run w is fair iff Inf(w) n F 7^ (i.e., the run visits F infinitely often). A 
fair transition system /C = (K, F) consists of a TS i^T and a Biichi fairness constraint F C W for K. We consider 
two TSs Ki = {S, Wi,wi, Ri, Li) and K2 = (S, W2, W2,R2,L2) over the same alphabet, and the two fair TSs 
ICi ~ {Ki,Fi) and IC2 = {K2, ^2). We now define the fair simulation between ICi and IC2 ifTOl . 

Definition 2 (Fair simulation). A binary relation S C Wi x W2 is a fair simulation oflCi by IC2 if the following two 
conditions hold for all (wi, W2) G Wi x W2: 

1. IfS{wi,W2), thenLi{wi) = ^2(^2). 

2. There exists a strategy r : {Wi x ^^2)^ x Wi — ?■ W2 smc/z f/iaf if S{wi, W2) andw — uq, ui, U2, . . . is a fair wi- 
run ofKi, then the following conditions hold: (a) the outcome r[uJ] = Uq, u'j^, U2, . . . is a fair W2-run 0//C2 (where 
the outcome r[l(J] is defined as follows: for all i > we have u[ = t{{uq, Uq), (wi, u'l), . . . , u[_i), Ui)) ; 
and (b) the outcome t\w] S-matchesw; that is, S{ui,u'j) for all i > 0. We say t is a witness to the fair simulation 
S. 

We denote by ^fair the maximum fair simulation relation between /Ci and IC2- We say that the fair TS JC2 fairly 
simulates the fair TS fCi ijf{wi,W2) S^fair- 

We have the following result for fair simulation from lITOl (see item 1 of Theorem 4.2 from ifTOl ). 

Tlieorem 1. Given two fair TSs JCi and K,2, the problem of whether IC2 fairly simulates ICi can be decided in time 

Oii\Wi\ + \W2\) ■ {\Ri\ + |i?2|) + (iW^il • \W2\f). 

Definition 3 (Labeled alternating transition systems (ATS)). A labeled alternating transitions system (ATS) is a 

tuple K = {S, W, w, Ai, A2, Pi, P2, L, 5), where (i) S is a finite set of observations; (ii) W is a finite set of states 
with w the initial state; (Hi) Ai is a finite set of actions for Agent i, for i £ {1, 2}; (iv) Pi : W ^ 2^' \ assigns 
to every state w in W the non-empty set of actions available to Agent i at w, for i G {1,2}; (v) L : W — > U is the 
labeling function that maps every state to an observation; and (vi) S : W x Ai x A2 ^ W is the transition relation 
that given a state and the joint actions gives the next state. 

Observe that a TS can be considered as a special case of ATS with A2 singleton (say A2 — {-L}), and the transition 
relation i? of a TS is described by the transition relation S : W x Ai x {±} ^> of the ATS. 

Definition 4 (Alternating simulation). Given two ATS, K = {I],W,w,Ai,A2,Pi,P2,L,6) and K' = 
{S,W',w',A[,A'2,P{,P2,L',S') a binary relation S* C x W' is an alternating simulation from fC to IC' if 
for all states w and w' with (w, w') ^ S, the following conditions hold : 

1. L{w) = L'{w') 

2. For every action a G Pi{w), there exists an action a' G P[{w') such that for every action b' G P2(w'), there 
exists an action b G P2{w) such that {S(w, a, b), S'(w' , a' , b')) G S, i.e., 

y{w,w') G 5 - Va G Pi{w) ■ 3a' G Pi{w') -W G P^{w')-3b G P2{w) ■ {6{w, a,b), 6' {w' , a' ,b')) G S 

We denote by ^aitsim th^ maximum alternating simulation relation between K and K'. We say that the ATS K' simu- 
lates the ATS K iff [w, w') G^aitsim- 

The following result was shown in 121 (see proof of Theorem 3 of jl)). 

Theorem 2. For two ATSs K and K', the alternating simulation relation ^aitsim can be computed in time 0{\W\'^ ■ 
\W'\'-\Ai\-\A'^.\A2\-\A'2\). 

In the following section we will present an extension of the notion of fair simulation for TSs to alternating fair 
simulation for ATSs, and present improved algorithms to compute ^fair and ^aitsim- Some of our algorithms will be 
based on reduction to two-player games on graphs. We present the required definitions below. 



3 



Two-player Game graphs. A two-player game graph G = {{V, E), {Vi , V2)) consists of a directed graph {V, E) with 
a set y of 71 vertices and a set Eofm edges, and a partition (Vi , V2) of into two sets. The vertices in Vi are player 1 
vertices, where player 1 chooses the outgoing edges; and the vertices in V2 are player 2 vertices, where player 2 (the 
adversary to player 1) chooses the outgoing edges. For a vertex m G y, we write Out(u) — {v V \ (u, u) G E} for 
the set of successor vertices of u and \n{u) = {v (1 V \ {v,u) ^ E} for the set of incoming edges of u. We assume 
that every vertex has at least one out-going edge, i.e., Out{u) is non-empty for all vertices u ^ V. 
Plays. A game is played by two players: player 1 and player 2, who form an infinite path in the game graph by moving 
a token along edges. They start by placing the token on an initial vertex, and then they take moves indefinitely in the 
following way. If the token is on a vertex in Vi, then player 1 moves the token along one of the edges going out of the 
vertex. If the token is on a vertex in V2, then player 2 does likewise. The result is an infinite path in the game graph, 
called a play. We write J? for the set of all plays. 

Strategies. A strategy for a player is a rule that specifies how to extend plays. Formally, a strategy a for player 1 is a 
function a: V* ■ Vi ^ V such that for all w E V* and all v G Vi we have a{w ■ v) G Out{v), and analogously for 
player 2 strategies. We write A and B for the sets of all strategies for player 1 and player 2, respectively. A memoryless 
strategy for player 1 is independent of the history and depends only on the current state, and can be described as a 
function a :Vi V , and similarly for player 2. Given a starting vertex v EV,a. strategy a E A for player 1, and a 
strategy /3 E B for player 2, there is a unique play, denoted uj{v, a, (3) = {vo,vi, V2, . • .}, which is defined as follows: 
vq = V and for all k > 0, if Vk G Vi, then a{vk) = Vk+i, and if G V2, then /3{vk) = Vk+i. We say a play lu 
is consistent with a strategy of a player, if there is a strategy of the opponent such that given both the strategies the 
unique play is oj. 

Objectives. An objective <P for a game graph is a desired subset of plays. For a play ut = {vq, vi, V2, . . ■) G J7, we 
define Inf (w) = {v E V \ Vk = v for infinitely many fc > 0} to be the set of vertices that occur infinitely often in w. 
We define reachability, safety and parity objectives with three priorities. 

1. Reachability and safety objectives. Given a set T C V of vertices, the reachability objective Reach(T) re- 
quires that some vertex in T be visited, and dually, the safety objective Safe(F) requires that only vertices in 
F be visited. Formally, the sets of winning plays are Reach(T) — {{vq, vi, V2, . ■ .) E f2 \ 3k > 0. Vk E T} and 
Safe(i^) = {{vq,vi,V2, ■ . ■) E Q | Vfc > 0. Ufc G F}. The reachability and safety objectives are dual in the sense 
that Reach(r) = I? \ Safe(y \ T). 

2. Parity objectives with three priorities. Consider a priority function p : V {Q, 1,2} that maps every ver- 
tex to a priority either 0, 1 or 2. The parity objective requires that the minimum priority visited infinitely of- 
ten is even. In other words, the objectives require that either vertices with priority are visited infinitely of- 
ten, or vertices with priority 1 are visited finitely often. Formally the set of winning plays is Parity(p) = 
{uj I Inf(w) n p-i(O) ^ or Inf(w) n p-^{l) = 0}. 

Winning strategies and sets. Given an objective (p C f] for player 1, a strategy a G ^ is a winning strategy for 
player 1 from a vertex v if for all player 2 strategies (3 E B the play aj(w,Q!,/3) is winning, i.e., uj{v,a,l3) E ^. 
The winning strategies for player 2 are defined analogously by switching the role of player 1 and player 2 in the 
above definition. A vertex v E V is winning for player 1 with respect to the objective if player 1 has a winning 
strategy from v. Formally, the set of winning vertices for player 1 with respect to the objective is the set Wi{'P) = 
{v E V \ 3a E A.y(3 E B. uj{v, a, /3) E ^}. Analogously, the set of all winning vertices for player 2 with respect to 
an objective ^ C [2 is W2{9) = {v E V \ 3/3 E B.^a E A. uj{v, a, (3) E ^} . 

Theorem 3 (Determmacy and complexity). The following assertions hold. 

1. For all game graphs G = ((V, E) , ( Vi , V2)), all objectives <!> for player 1 where <1> is reachability, safety, or parity 
objectives with three priorities, and the complementary objective ^ = Q \ <1> for player 2, we have Wi {<P) = 
V \ W2 (!?'); and memoryless winning strategies exist for both players from their respective winning set [6]. 

2. The winning set Wi(<?) can be computed in linear time (0{\V\ + \E\)) for reachability and safety objectives 
# H1113\I : and in quadratic time (0{\V\ ■ \E\))for parity objectives with three priorities HI 2)1 . 
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3 Fair Alternating Simulation 



In this section we will present two definitions of fair alternating simulation, show their equivalence, present algorithms 
for solving fair alternating simulations, and our algorithms specialized to fair simulation will improve the bound of 
the previous algorithm (Theorem[T]l. Similar to fair TSs, a fair ATS JC — {K, F) consists of an ATS K and a Biichi 
fairness constraint F for K. 

To extend the definition of fair simulation to fair alternating simulation we consider the notion of strategies for 
ATSs. Consider two ATSs K = {S, W, w, Ai, A2, Pi, P2, L, S) and K' ^ {S, w' , A[, A'^, Pi, P^, L' , 6') and the 
corresponding fair ATSs K. = {K, F) and K,' — {K' , F'). We use the following notations: 

— r : [W X W')^ — J> Ai is a strategy employed by Agent 1 in /C. The aim of the strategy is to choose transitions in 
/C to make it difficult for Agent 1 in /C' to match them. The strategy acts on the past run on both systems. 

— t' : {W X W')'^ X Ai ^ A[ is a strategy employed by Agent 1 in IC'. The aim of this strategy is to match actions 
in K.' to those made by Agent 1 in IC. The strategy acts on the past run on both the systems, as well as the action 
chosen by Agent 1 in IC. 

— ^' : {W X W')'^ X ^1 X A[ — > ^2 is a strategy employed by Agent 2 in /C'. The aim of this strategy is to choose 
actions in IC' to make it difficult for Agent 2 to match them in IC. The strategy acts on the past run of both the 
systems, as well as the actions chosen by Agent 1 in /C and IC' . 

— ^ : {W X W')^ xAiX A'^ x A'2 — >■ is a strategy employed by Agent 2 in IC. Intuitively, the aim of this strategy 
of Agent 2 is to choose actions in IC to show that Agent 1 is not as powerful in IC as in /C', i.e., in some sense the 
strategy of Agent 2 will witness that the strategy of Agent 1 in /C does not satisfy certain desired property. The 
strategy acts on the past run of both the systems, as well as the actions chosen by Agent 1 in /C and both the agents 
in IC'. 

— p{w, w' , T, t' , ^, is the run that emerges in /C if the game starts with K. on state w, K! on state w' and the 
agents employ strategies t, r', ^ and ^' as described above, and p'(yj, w' , r, t', ^, is the corresponding run that 
emerges in IC' . 

Definition 5 (Weak fair alternating simulation). A binary relation 5 C x W' is a weak fair alternating simulation 

(WFAS) o//C by IC' if the following two conditions hold for all (w, w') ^ W x W': 

1. IfS{w, w'), then L{w) = L'{w'). 

2. There exists a strategy t' : {W xW')^ xAi A'^ for Agent 1 in tC' , suchthat for all strategies t : {WxW')^ — > 
Ai for Agent 1 in IC, there exists a strategy ^ : {W x W')^ x Ai x A'l x A2 — > A'2 for Agent 2 in IC, such that 
for all strategies ^' : {W x W')^ x Ai x A'^ A'2 for Agent 2 on IC' , if S{w, w') and p{w, w' ,t, t' , ^, ^') is a 
fair w-run ofIC, then 

— p' {w, w' , T, t' , ^, is a fair w' -run ofIC'; and 

— p'{w,w' ,t,t' ,£^,£^') S-matches p{w,w' ,t,t' ,£^,£^'). 

We denote by dif'^,rait maximum WFAS relation between IC and IC' . We say that the fair ATS IC' weak-fair-alternate 
simulates the fair ATS IC iff{w, w') e^Zhaiv 

Definition 6 (Strong fair alternating simulation). A binary relation S CW x W is a strong fair alternating simu- 
lation (SFAS) o//C by IC' if the following two conditions hold for all {w, w') & W x W: 

1. IfS{w,w'), thenL{w) = L'{w'). 

2. There exist strategies t' : {W x W')+ x Ai ^ A'^ for Agent 1 in IC' and ^ : {W x W')+ x Ai x A'^ x A2 A'2 for 
Agent 2 in IC, such that for all strategies r : {W x Ai for Agent 1 in IC and ^ : {W x W')^ x Ai x A'^ — > 
A'2 for Agent 2 on IC', if S{w, w') and p{'w, w' , t, t', ^, is a fair w-run ofIC, then 

— p'{w, w' , T, t' , ^, is a fair w'-run ofK.'; and 

— p'{w,w' ,t,t' ,£^,£^') S-matches p{w,w' ,t,t' ,£^,£^'). 

We denote by difj\^"\f the maximum SFAS relation between K. and IC'. We say that the fair ATS IC' strong-fair-alternate 
simulates the fair ATS IC iff{w, w') &difj]^"\f- 
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The difference in tlie definitions of weak and strong alternating fair simulation is in the order of the quantifiers 
in the strategies. In the weak version the quantifier order is exists forall exists forall, whereas in the strong version 
the order is exists exists forall forall. Thus strong fair alternating simulation implies weak fair alternating simulation. 
We will show that both the definitions coincide and present algorithms to compute the maximum fair alternating 
simulation. Also observe that both the weak and strong version coincide with fair simulation for TSs. We will present 
a reduction of weak and strong fair alternating simulation problem to games with parity objectives with three priorities. 
We now present a few notations related to the reduction. 

Successor sets. Given an ATS K, for a state w and an action a £ Pi{w), let Succ(uj,a) = 
{w' I 3b G P2{w) such that w' = d{w, a, b)} denote the possible successors of w given an action a of Agent 1 (i.e., 
successor set of w and a). Let Succ(-ft') = {Succ(w, a) \wGW,a£ Pi{w)} denote the set of all possible successor 
sets. Note that |Succ(J!:)| < |W| • \Ai\. 

Game construction. Let if = {Z:,W,w, Ai,A2, Pi, P2,L,S) and K' = {E,W' ,w' ,A'^,A'2,P{,Pi,L' ,5') h&iwo 
ATSs, and let K, = {K, F) and K.' = {K', F') be the two corresponding fair ATSs. We will construct a game graph 
G = {{V,E), (Vi , V2)) with a parity objective. Before the construction we assume that from every state w G K there 
is an Agent 1 strategy to ensure fairness in K. The assumption is without loss of generality because if there is no such 
strategy from w, then trivially all states w' with same label as w simulate w (as Agent 2 can falsify the fairness from 
w). The states in K from which fairness cannot be ensured can be identified with a quadratic time pre-processing step 
in K (solving Biichi games), and hence we assume that in all remaining states in K fairness can be ensured. The game 
construction is as follows: 

- Player 1 vertices: Vi = {{w, w')\w & W, w' G W such that L{w) = L'{w')} U (Succ(if) x Succ(Js:')) U {©} 

- Player 2 vertices: V2 = Succ(i^) xW x {#, $} 

- Edges. We specify the edges as the following union: E = E1UE2UE3UEIUEIUE5 

El = {{{w,'w') . (Succ(«;, a), «;',#)) | {w. w') &Vi,a& Pi(w)} 

£2 = {((T,«;',#),(r,SuccK,a'))) I {T,w' ,#) &V2,a' & P[{w')} 

E3 = {{{T,T'),{T,r',$)) I {T,T') eVur' €T'} 

El = {{{T, r', $) , (r, r')) | (T, r' , $)eV2,reT, L{r) = L'(r')} 

El = {((T,r',$),©) I (T,r',$) G V2 such that Vr G T ■ L{r) ^ L'{r')} 

E^ = {{©,©)} 

The intuitive description of the game graph is as follows: (i) the player 1 vertices are either state pairs {w, w') with 
same label, or pairs (T, T') of successor sets, or a state ©; and (ii) the player 2 vertices are tuples (T, w' , ix) where T 
is a successor set in S\scc{K), w' a state in K' and txJG {#, $}. The edges are described as follows: (i) Ei describes 
that in vertices {w, w') player 1 can choose an action a G Pi{w), and then the next vertex is the player 2 vertex 
(Succ(w, a), w', #); (ii) E2 describes that in vertices (T, w', #) player 2 can choose an action a' G Pi{w') and then 
the next vertex is (T, Succ(w', a')); (iii) E^ describes that in states (T, T') player 1 can choose a state r' G T' (which 
intuitively corresponds to an action b' G P2(w')) and then the next vertex is (T. $); (iv) the edges E\ Ui?| describes 
that in states (T, r', $} player 2 can either choose a state r G T that matches the label of r' and then the next vertex 
is the player 1 vertex (r, r') (edges i?|) or if there is no match, then the next vertex is ©; and (v) finally E5 specifies 
that the vertex © is an absorbing (sink) vertex with only self-loop. The three-priority parity objective (p* for player 2 
with the priority function p is specified as follows: for vertices v G {W x F') n Vi we have p{v) = 0; for vertices 
V G ((-F xW'\Wx F') n VI) U {©} we have p{v) = 1; and all other vertices have priority 2. 

Plays and runs. Every {w, w')-play on the game (plays that start from vertex {w, w')) induces runs on the structures 
K and K,' as follows : 

- (w,«;')^(To, «;',#), (To,r^), (To,u;i,$), {wi,w[), {Ti,w{,if), {TuT[), (Ti,^,$), (w;2,^), ... corresponds 
to runs w = w,wi,W2 ■ ■ ■ and w' = w' ,w'i,W2 
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- {w,w'), (To, «;',#), {To,Ti), {To,w[,%), {wi,w[), {Ti,w[,#), {T,,Ti), {Ti,w'^,$), {w2,w'^), 
(w„_i,u;Jj_i), (r„_i,w^j_i,#), (r„_i,r;^_i), (r„_i,w'„$), ©, ©, ... con-esponds to finite runs w = 
w, wi, W2 ■ ■ ■ lUn-i, Wn and w' = w' , w[,w'2 ■ ■ ■ w'^, for some Wn £ Tn-i- 

Lemma 1. Consider a play {w,w') = {w,w'), (Tq, {Tq,Tq), {Tq,w'i,$), {wi,w'i), ... on the parity game. 

Then the following assertions hold: 

1. If the play satisfies the parity objective, then the corresponding runs w = Wq,Wi,W2 . . . in JC (where Wq = w) 
and w' = Wq,'w'i,W2 . . . in K,' (where Wq — w' } satisfy that ifw is fair, then w' is fair and for all i > we have 
L(w.,) = L'(w\) . 

2. If the play does not satisfy the parity objective, then (i) if the vertex © is not reached, then the corresponding runs 
W = w,wi,W2 . . . in IC and w' = w\ w'l, W2 . . . in K,' satisfy thatw is fair andw' is not fair; (ii) if the vertex © 
is reached, then for the corresponding finite runs w = w,Wi,W2 . . . Wn andw' = w' ,w'i,'W2 . . . U)^ we have that 
w'n does not match Wn (i.e., L{wn) 7^ L'{w'^)). 

Proof. We prove both the items below: 

1. If the parity objective is satisfied, it follows that the vertex © is never reached. By construction of the game, 
vertices of the form {w, w') satisfy that L{w) = L'{w'), and it follows that for alH > we have L{wi) — L'{w'^). 
Moreover, as the parity objective is satisfied, it follows that if in K, states in F are visited infinitely often, then in 
K' , states in F' must be visited infinitely often, (as otherwise priority 1 vertices will be visited infinitely often and 
priority vertices only finitely often). This completes the proof of the first item. 

2. If the parity objective is not satisfied, and the vertex © is never reached, it follows that priority 1 vertices in 
(F X W \ W X F') f\Vi are visited infinitely often (hence F is visited infinitely often in K) and priority 
vertices ({W x F') n Vi) are visited finitely often (hence F' is visited finitely often in K'). Thus we have a fair run 
in K, but the run in K' is not fair. If the © vertex is reached, then by construction it follows that L{wn) 7^ L'{w'^). 

The desired result follows. I 



Consequence of Lemma\J] We have the following consequence of the lemma. If a play satisfies the parity objective, 
then the corresponding runs satisfy that if we have a fair run in K, then the run in K' is both fair and matches the run 
in K. If the play does not satisfy the parity objective, then we have two cases: (i) the run in K is fair, but the run in K' 
is not fair; or (ii) the run in K' does not match the run in K, and since we assume that from every state in K fairness 
can be ensured, it follows that once we have the finite non-matching run, we can construct a fair run in K that is not 
matched in K' . Thus if the play does not satisfy the parity objective, then in both cases we have a fair run in K and 
the run in K' is either not fair or does not match the run in K. 

Proposition!. LefWin2 — {(^1,^2) | {wi,W2) G Vi, {wi,W2) G W2{$*), i.e., there is a winning state for player 2}. 
Then we have 

Wi„ yweak y strong 
in2 -^fairalt-^fairalt • 

Proof. We first note that by definition we have ^fai°a"t — — fatralt- Hence to prove the result it suffices to show the 
following inclusions: (i) Win2 and (ii) ^^^^alt— VVin2. We prove the inclusions below: 

1. (First inclusion: Win2 '!=^fj°"if). We need to show that Win2 is a strong fair alternating simulation. Let (w, w') S 
Win2, then {w, w') G Vi and by construction of the game we have L{w) = L'{w'). Hence we need to show that 
there exist strategies t' and ^, such that for all strategies r and we have that if p(w, w' , t, t' , ^, is a fair w-run 
in IC, then p'{w, w' , t, t' , ^, is a fair w'-run in IC' and p'{w, w' , t, t', ^, Win2-matches p{w, w' , t, t' , S^, ^'). 
Since {w, w') is a winning vertex for player 2, there exists a memoryless winning strategy for player 2, which 
will ensure that all plays starting from (w, w') and consistent with /3™ will satisfy the parity objective. Note that 
the strategy /S™ specifies the next vertices for vertices in Succ(if) x W' x $}. Using /?™ we can construct 
the required witness strategies t' and ^ for strong fair alternating simulation as follows: 

t'[{w,w') , {■wi,w'i) {■Wn-i,w'„_i) ,a] =a' e Piiw'^^-i) 
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such that Succ(w^_i,a') = 77(2) (/3'"[(T„_i, #)]), where T^-i = Succ(w„_i, a); and 

£,[{w,w') , {wi,w[) (w„_i, ,a,a\b'] = be P2{wn~i) 

such that (5'(w„_i, a, fe) = 7T(i)(/3'"[(r„_i, wjj, $)]), where T„_i = Succ(w„_i,a) and w'^^ — 5' [w'^_i,a' ,b'); 
(U is the projection operator, that is, 7T(i.) (a:i , X2, . . . , Xn) = Xk)- Note that if the game reaches the vertex ©, then 
the objective <1>* for player 2 is violated and player 1 would win. Hence, since f3"^ is a winning strategy for player 
2, it ensures that the play never reaches ©. Hence, the outcome of /?™ on which the projection operator acts always 
lies in Vi \ {©}, and hence is a 2-tuple. Consider a (w, u;')-play consistent with the strategy /?"', where (w, w') is 
in Win2. As described earlier, the (w, it;')-play of the parity game defines two runs: a w-mn, w = w, wi,W2, ■ ■ ■ 
in K and a w'-run w' — w' , w[ , W2 ■ ■ ■ in K' . Since {w, w') is a winning state for player 2, all successor states 
{wkjw'f., #) must also be winning states for player 2. Hence {w^, w^) G Win2 for all A: G N, and it follows that 
the run W' in K' Win2-matches W in K. Since /?™ ensures the parity objective (all plays consistent with /3™ 
satisfy it follows from Lemma[T]that for all strategies r and ^ if p{w, w' , r, r', f , is a fair run on IC (visits 
F infinitely often), then p'{w,w' ,t,t' ,(^,^') is a fair run on K,' (visits F' infinitely often). Hence we have the 
desired first inclusion: Win2 C^^^[°"^. 
2. (Second inclusion: ^^^^^'^^C Win2j. We need to show that if {w, w') &d:Y^,ra\v ^ winning vertex for 

player 2 in the game, that is, there exists a strategy /3 for player 2 such that against all strategies of player 1 the par- 
ity objective <P* is satisfied. By determinacy of parity games on graphs, instead of a winning strategy for player 2 
it suffices to show that against every strategy a of player 1 there is a strategy f3 (dependent on a) for player 2 
to ensure winning against a. Since {w,w') G^f^tralt have (i) L{w) — L'[w') and (ii) there exist a strategy 
r', such that for all strategies r, there exists a strategy ^, such that for all strategies if w', r, r', ^, is 
a fair w-run w in /C, then p'{w, w' , r, r', ^, is a fair w'-run w' in /C' and w' , r, r', ^, ^^^^^'^j-matches 
p{w, w' ,T, t' , ^, ^'). Consider a strategy a for player 1, and let t and ^' be the corresponding strategies obtained 
from a. We construct the desired strategy f3 from r' and ^ as follows: 

/3[(w, w') , ■ • . , , (T„_i, #)] = (T„_i, Succ(wJ,_i, t'[(w, w') , {wi,w[) (w„_i, w^„i) , a])) ; 

where a is such that T„_i = Succ(?i;„_i, a), and 

/3[(w,w') ,. . . , (r„_i,r,j_i) , (T„_i, = ((5(w„_i,a,^[(w,'i«') , {■wi,w[) {■Wn-i,w'^_^) ,a,a' ,b']),w'^) 

where a is such that T„_i = Succ(i(;„_i, a), and a' such that T,'_]^ = Succ(w^_j^, a') and b' such that 
(5'«_i,a',6') = <. We have p'(zi;, zz;', r, r', ^rairaVmatches piw,w' ,t,t' we have L^.) = 
L'{w'^) for all A; G N. It follows that given the strategy a and /3 the vertex © is not reached. Since strategies 
t' and ^ form a witness to weak fair alternating simulation, it follows that if the run p{w, w' , r, r', ^, is fair, 
then p'{w, w' , t, r', ^, £,') is fair, and then by Lemma[T]it follows that the play given a and /3 satisfies the parity 
objective. It follows that against the strategy a of player 1, the strategy /3 is winning for player 2. Thus it follows 
that we have ^Zwait^ Win2. 

The desired result follows. I 

Lemma 2. For the game graph constructed for fair alternating simulation we have | Vi | + | V2I < 0(|VF| • \ W'\ • |^i | • 

lA'il); and \E\ < 0{\W\ ■ \W'\ ■ \Ai\ ■ {\A[\ ■ {A'^l + IA2I)). 

Proof We have |Succ(ii:)| < \W\ ■ \Ai\ and |Succ(if')| < \W'\ ■ |Ai |. Hence we have 

l^il < \W xW'\ + \Succ{K)xSucc{K')\ + l < \W\-\W'\ + {\W\-\Ai\)-{\W'\-\A[\) + l < 0{\W\-\W'\-\Ai\-\A[\)] 
and 

IF2I = 2 • |Succ(iv:) xW'\<2- {\W\ ■ \Ai\) ■ \W'\ 

Thus we have the result for the vertex size. We now obtain the bound on edges. We have \E\ — \Ei\ + \E2\ + I-E3I + 
I £'4 1 + I £"1 1 + I £5 1 , and we obtain bound for them below: 

|£i|< E E \Piiw)\<\W'\-\W\-\A,\ 
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= E E 1^1 ^ ISucc(if)| . \w'\ ■ = \W\ ■ \W'\ ■ \A,\ ■ \A\\ 

T£Succ(K) w'GW 

l^3l = E E l^'l ^ |Succ(if)| . ISucc(if')l ■ 1^2! < IW^I • \W'\ ■ . \A[\ ■ \A',\ 

TeSiicc{K) T'£Suaz{K') 

where for the first inequality above we used the fact that \T'\ < | |; 

l^il - E E 1^1 ^ l^'l ■ |Succ(X)| . < \W'\ . \W\ . \A,\ . I^l^l 

r'eW TeS\icc(K) 

where for the first inequaUty above we used that |r| < |v42 1; 

\El\< J2 l<\W'\-\SucciK)\<\W'\-\W\-\A^\; 

r'eW TeSucc(K) 

and finally |£;5| = 1. Hence we have \E\ ^ 0{\W\ ■ \W'\ ■ \Ai\ ■ {\A[\ ■ \A'^\ + l^al))- ■ 

The above lemma bounds the size of the game, and we require that the game graph can be constructed in time 
quadratic in the size of the game graph and in the following section we will present a more efficient (than quadratic) 
construction of the game graph. Proposition [T] along with the complexity to solve parity games with three priorities 
gives us the following theorem. The result for fair simulation follows as a special case and the details are presented in 
the technical details appendix. 

Theorem 4. We have ^rairait=^fai°aif' relation <f^°^^^ can be computed in time 0{\W\^ ■ \W'\^ ■ \Ai\^ ■ \A[\ ■ 
(\A'i\ ■ \A'2\ + \A2\)) for two fair ATSs IC andfC'. The fair simulation relation :<is\r can be computed in time 0{\W\ ■ 
\W'\ ■ {\W\ ■ \R'\ + \W'\ ■ \R\)) for two fair TSsK and IC'. 

Remark!. We consider the complexity of fair simulation, and let n = \W\ = \W'\ and m = \R\ — | i?' | . The previous 
algorithm of 1 10| requires time 0{n^) and our algorithm requires time 0{n^ ■ m). Since m is at most n^, our algorithm 
takes in worst case time O(n^) and in most practical cases we have m — 0{n) and then our algorithm requires 0{n^) 
time as compared to the previous known 0{n^) algorithm. 

4 Alternating Simulation 

In this section we will present two algorithms to compute the maximum alternating simulation relation for two ATSs K 
and K' . The first algorithm for the problem was presented in |2| and we refer to the algorithm as the basic algorithm. 
The basic algorithm iteratively consideres pairs of states and examines if they are already witnessed to be not in the 
alternating simulation relation, removes them and continues until a fix-point is reached. The algorithm is described as 
Algorithm[T](see Theorem 3 of [2]). The correctness of the basic algorithm was shown in 12j, and the time complexity 
of the algorithm is 0{\W\^ ■ \W'\^ ■\Ai\- \A{\- 1^2| • |A^|): (i) time take by // condition is 0(|Ai| • \A'^\- 1^2 1 • |^^|); 
(ii) time taken by the nested For loops is O ( | | • | W \ ) ; and (iii) the maximum number of iterations of the While loop 
is 0{\W\ ■ \W'\). 

4.1 Improved Algorithm Through Games 

In this section we present an improved algorithm for alternating simulation by reduction to reachability-safety games. 

Game construction. Given two ATSs K = {E,W,{S,Ai,A2,Pi,P2,L,5) and K' = 
{S, W, w\ A[,A'2,Pi, P^,L\ S'), we construct a game graph G = {{V, E), (Vi, V2)) as follows: 

- Player 1 vertices: Vi ^ {W x W) U (Succ(i^) x Succ{K')); 

- Player 2 vertices: V2 = Succ{K) xW x {#,$}; 
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Algorithm 1 Basic Algorithm 



Input: K = {i:,W,w,Ai, A2, Pi, P2, L,6), K' = {S,W',vS',Ai,A'2,Pi,Pi,L',6'). 

Output: ^altsim- 

1. while (^""V^) 

1.2 for all w€W,w' €W' 

if (w w' and 3o e Pi(m;) • Va' e P[{w') ■ 36' e P:i(M)') • V6 € P2(iy) • S{w, a, b) <5(«;', a', b')), then 
^^^\ {(»,«;')} 

2. return ^. 



- Edges: The edge set is specified as the following union: E = EiU E2D E3U 

El = {{{w,w'),{Succ{w,a),w',#)) \ w£W,w' € W\aePiiw)} 
E2 = {((T, «;',#) , {T,Succ{w',a'))) \ T e Succ{K),w' G W',a' G Pi{w')} 
E3 = {((T, T') , {T, r', $)) I T e Succ(/sr), T' e Succ(/ir'), r' e T'} 
= {((T, /, $) , (r, /)) I T G Succ{K),r' GW',r€ T} 

LetT = {{w,w') I 7^ be the state pairs that does not match by the labeling function, and let F = V\T. 

The objective for player 1 is to reach T (i.e., Reach(T)) and the objective for player 2 is the safety objective Safe(i^). 
In the following proposition we establish the connection of the winning set for player 2 and ^aitsim- 

Proposition 2. LetWm^ = {{w,w') \w &W,w' € W\ {w,w') G W2{Saie{F)) i.e., is a winning vertex for player 2}. 
Then we have Win2 =^aitsim. 

Proof. We prove the result by proving two inclusions: (i) Win2 C^aitsim and (ii) ^aitsimC Win2. 

1. (First inclusion: Win2 ^^3^5;^). We show that Win2 is an alternating simulation relation. Let (w, w') be a winning 
vertex in Win2 for player 2. Since the set of winning vertices is disjoint from T = {(w, w') \ L{w) ^ L'iw')}, 
we can conclude that L{w) = L'{w'). Thus, we only need to show that for all (w, w') G Win2 we have 

Va G Pi{w) ■ 3a' G P[{w') -yh' G P^(w') • 36 G P2H • {5{w,a,h),5' {w' ,a' ,h')) G Win2 

We have the following analysis: 

• Since (w, w') is a player-1 vertex, all transitions of player 1 to (Succ(w, a),w' , #) must be a winning vertex 
for player 2 for all a G Pi (q). 

• Since (Succ(w, a),w' , #) is a player-2 vertex and is a winning vertex for player 2, there exists a transition, 
that is, there exists a' G P{ {w'), such that (Succ(w, a), Succ(w', a')) is a winning vertex for player 2. 

• Since (Succ(w, a), Succ(w', a')) is a player-1 vertex and is a winning vertex for player 2, for all transitions, 
that is, for all b' G P2{w'), (Succ(w, a), 6'{'w', a', b'), $) is a winning vertex for player 2. 

• Since (Succ(i(;, a), 5'{q', a', b'), $) is a player-2 vertex and is a winning vertex for player 2, there exists a 
transition, that is, there exists b G P2(w) such that a, b), S'{w' , a', b')) is a winning vertex for player 2. 

It follows that Win2 is an alternating simulation relation and hence Win2 C^aitsim- 

2. (Second inclusion: ^aitsimC Win2j. We need to show that (w, w') is a winning vertex for player 2, for all 
{WjW') G^aitsim- Since (wjw') G^aitsim, it follows that L{w) = L'{w'). Hence ^aitsim is disjoint from 
T = {{w,w') I L{w) ^ L'{w')}. Thus, it suffices to show that starting from {w,w') the player 2 can force 
that the game never reaches T. We know that for all (w, w') G^aitsim we have 

Vo G Pi{w) ■ 3a' G Pi{w') ■ W G P2{w') ■ 3b G P2{w) ■ {6{w, a, b), 6'{w', a', b')) G^aitsim 

Thus, starting from all vertices {w, w') such that {w, w') G^aitsim the player 2 can force that the game reaches 
some (r, r') such that (r, r') G^aitsim, that is, player 2 can force that the game always stays in states mF = V\T 
(as ^aitsim nT = 0). Hence ^aitsimC Win2. 
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The desired result follows. 



The algorithmic analysis will be completed in two steps: (1) estimating the size of the game graph; and (2) analyz- 
ing the complexity to construct the game graph from the ATSs. 

Lemma 3. For the gatne graph constructed for alternating simulation, we have |Vi| + |V2| < 0(|W^[ • • |j4i [ • [^'j^ |) 
and\E\ < 0{\W\ ■ \W'\ ■ \A,\ ■ i\A[\ ■ \A'^\ + lA^D). 

Proof. We have 

\Vi\ = \Wx W'\ + |Succ(if) X Succ(if')| < \W\ ■ \W'\ + {\W\- \A^\) ■ {\W'\ ■ \A[\) = 0(]W\ ■ \W\' ■ • \A\\); 

\V2\ = 2 • |Succ(ii:) xW'\<2- {\W\ ■ \Ai\) ■ \W'\ ^2-\W\- \W'\ ■ \Ai\ 

The bound for |Vi| + |V2| follows. We now consider the bound for the size of E. We have \E\ — |£'i| + |£'2| + |-E3| + |i?4|, 
and we obtain bounds for them below: 

E E \Piiw)\<\W'\-\W\-\A^\ 

TeSucc{K) w'£W' 

l^3l= E E |T'|<|Succ(i^)|.|Succ(i^')|-|^2l<|W^|-|W^'|-|^i|-|^'i|-|^2l 

TeSucc(A') T'eSucc(K') 

\EA = E E 1^1 ^ l^'l • |Succ(^)l ■ \A2\ < \W'\ ■ \W\ ■ \A,\ ■ \A2\ 

r'eW TeSuizc{K) 

where in the bound for E^ we used \T'\ < \A2\ and in the bound for E4 we used \T\ < \A2\. It follows that 
\E\ = 0{\W\ ■ \W'\ ■ \Ai\ ■ • + IA2I)), and the desired result follows. I 

Game graph construction complexity. We now show that the game graph can be constructed in time linear in the 
size of the game graph. The data strucutre for the game graph is as follows: we map every vertex in Vi U V2 to a unique 
integer, and construct the list of edges. Given this data structure for the game graph, the winning sets for reachability 
and safety objectives can be computed in hnear time 1311 II . We now present the details of the construction of the game 
graph data structure. 

Basic requirements. We start with some basic facts. For two sets A and B, if we have two bijective functions Ja ■ 
A <-> {0, . . . , |A| — 1} and /b '■ B ^ {0, . . . ,\B\ — 1}, then we can assign a unique integer to elements of A x B 
in time 0(|^| • \B\). Since it is easy to construct bijective functions for W and W', we need to construct such 
bijective functions for Succ{K) and Succ(_ft'') to ensure that every vertex has a unique integer We will present data 
structure that would achieve the following: (i) construct bijective function /k ■ Succ(i^) o {0, . . . , |Succ(i^)| — 1}; 
(ii) construct function Hk ■ W x Ai {0, . . . , |Succ(i^)| — 1} such that for all w ^ W and a e Pi{w) we have 
HkHw, a)) = //f (Succ(w, a)), i.e., it gives the unique number for the successor set of w and action a; (iii) construct 
function : {0, 1, ... , |Succ(X)| - 1} ^ 2^ such that for all T e Succ(if) we have gxifKiT)) is the list of states 
in T. We will construct the same for K', and also ensure that for all T we compute gK{fK{T)) in time proportional to 
the size of T. We first argue how the above functions are sufficient to construct every edge in constant time: (i) edges 
in El can be constructed by considering state paks {w, w'), actions a G Pi{w), and with the function hxHw, a)) 
we add the required edge, and the result for edges E2 is similar with the function hx' ; (ii) edges in E^ and E4 are 
generated using the function gK that gives the list of states for gK{fK{T)) in time proportional to the size of T. Hence 
every edge can be generated in constant time, given the functions, and it follows that with the above functions the 
game construction is achieved in linear time. We now present the data structure to support the above functions. 

Binary tree data structure. Observe that Succ(ivr) is a set such that each element is a successor set (i.e., elements are 
set of states). Without efficient data structure the requirements for the functions Jk, hx, and gK cannot be achieved. 
The data structure we use is a binary tree data structure. We assume that states in W are uniquely numbered from 
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1 to \ W\ Consider a binary tree, such that every leaf has depth \ W\, i.e., the length of the path from root to a leaf is 
\W\. Each path from the root to a leaf represents a set — every path consists of a \ W\ length sequence of left and right 
choices. Consider a path tt in the binary tree, and the path tt represents a subset Wt^t of W as follows: if the i-th step of 
TT is left, then Wi ^ Wtt, if the i-th step is right, then Wi e W-^. Thus, Succ(iir) is the collection of all sets represented 
by paths (from root to leaves) in this tree. We have several steps and we describe them below. 

1. Creation of binary tree. The binary tree BT is created as follows. Initially the tree BT is empty. For allw^W 
and all a £ Piiw) we generate the set Succ((w, a)) as a Boolean array Ar of length \ W\ such that Ar[i] = 1 if 
Wi e Succ(i(;, a) and otherwise. We use the array Ar to add the set Succ((i(;, a)) to BT as follows: we proceed 
from the root, if Ar[0] = we add left edge, else the right edge, and proceed with Ar[l] and so on. For every 
w € W and a G Pi{w), the array Ar is generated by going over actions in P2{w), and the addition of the set 
Succ(w, a) to the tree is achieved in 0(|M^|) time. The initialization of array Ar also requires time 0(|M^|). Hence 
the total time required is 0(|V7| • |^i | ■ {\W\ + |^2|))- The tree has at most \ W\ ■ \Ai \ leaves and hence the size 
of the tree is 0{\W\^ ■ \Ai\). 

2. The functions fx, Qk and Hk- Let Lf denote the leaves of the tree BT, and note that every leaf represents an 
element of Succ(iir). We do a DFT (depth-first traversal) of the tree BT and assign every leaf the number according 
to the order of leaves in which it appears in the DFT. Hence the function /k is constructed in time 0(|VKp ■ |Ai |). 
Moreover, when we construct the function /k, we create an array GAr of Usts for the function . If a leaf is 
assigned number i by /a-, we go from the leaf to the root and find the set T € Succ(X) that the leaf represents 
and GAr[«] is the list of states in T. Hence the construction of gK takes time at most 0(|M^| • |^i| • \W\). The 
function hx is stored as a two-dimensional array of integers with rows indexed by numbers from to \ W\ — 1, 
and columns by numbers to \ Ai \ — 1. For a state w and action a, we generate the Boolean array Ar, and use the 
array Ar to traverse BT, obtain the leaf for Succ((w, a)), and assign hK{{w, a)) ~ /a'(Succ(w, a)). It follows 
that/iA is generatedintimeO(|W| • |^i| • {\W\ + \A2\)). 

From the above graph construction. Proposition |2] Lemma [3] and the linear time algorithms to solve games with 
reachability and safety objectives we have the following result for computing alternating simulation. 

Theorems. The relation ^aitsim can be computed in time 0{\W\ ■ \ W'\ ■ \ Ai \ ■ {\A[ \ • l^sl + 1^2 1) + ■ l^il + 
\W'\'^ ■ \A[\) for twoATSs K and K'. The relation ^aitsim can be computed in time 0{\W\ ■ \R'\ + \ W'\ ■ \R\)for two 
TSs K and K' . 

The result for the special case of TSs is obtained by noticing that for TSs we have both \V\ and \E\ at most 
\W\ ■ \R'\ + \W'\ ■ \R\ (see technical details appendix for details), and our algorithm matches the complexity of the 
best known algorithm of |9| for simulation for transition systems. Let us denote by n = \W\ and n' = \W'\ the size of 
the state spaces, and by m = \W\ ■ \Ai \ ■ \A2 \ and m' = \ W\ ■ \A[ \ ■ |^2l the size of the transition relations. Then the 
basic algorithm requires 0{n ■ n' ■ m ■ m!) time, whereas our algorithm requires at most 0{m ■ m! + n ■ m + n' ■ m') 
time, and when n — n' and m = m' , then the basic algorithm requires 0{{n ■ m)^) time and our algorithm takes 
O(m^) time. 

4.2 Iterative Algorithm 

In this section we will present an iterative algorithm for alternating simulation. For our algorithm we will first present 
a new and alternative characterization of alternating simulation through successor set simulation. 

Definition? (Successor set simulation). Given two ATSs K = {S,W,w, Ai, A2, Pi, P2, L.S) and K' = 
{S,W' jw' , A[, A2, P{, P2, L' ,S'), a relation ~C W x W' is a successor set simulation /rom K to K' , if there 
exists a companion relation ~^C_ Succ(ii'') x Succ(_ftr), such that the following conditions hold: 

- for all {w, w') S~ we have L{w) — L'{w'); 

- if {w,w') then for all actions a £ Pi{w), there exists an action a' G P{(w') such that 
(Succ(w', a'), Succ(w, a)) G~'^; and 

- if (T' , T) E~^, then for all r' G T' , there exists r € T such that (r, r') G~. 



12 



We denote by ~* the maximum successor set simulation. 

We now show that successor set simulation and alternating simulation coincide, and then present the iterative 
algorithm to compute the maximum successor set simulation ~*. 

Lemma 4. The following assertions hold: (1) Every successor set simulation is an alternating simulation, and every 
alternating simulation is a successor set simulation. (2) We have ~*=^aitsinT 

Proof. The second assertion is an easy consequence of the first one, and we prove inclusion in both directions to prove 
the first assertion. 

- (Alternating simulation implies successor set simulation). Suppose ^ is an alternating simulation. We need to 
prove that ^ is also a successor set simulation. For this we will construct the witness companion relation «'^C 
Succ(i4r') X Succ(_ftr) to satisfy Definition|2l 

We define 

Usucdw' a') Sucdw a)) I (^'"''^ ^- ^ PiH^<^' ^ Pii^')- \ 

_ - l^ucqw ,a j,bucc^u;,ajj I V6' e P^K) ' 36 e PsH • (<5(«i, a, 6), J'K, a', fe')) e^J 

Clearly, if (T', T) e-'^, then T' = Succ(-u;', a') and T = Succ(u;, a) for some {w,w') er< and a G Pi{w) and 
a' e Pi'(w') such that for all b' e P2{w') there exists b G P2(u'), such that {S{w, a, b), 5' {w' , a' , h')) e^. Since 
every r' in T' is such that r' = 6'{w' , a', b') for some b' G P2{w'), we have that for every r' G T' , there exists 
b e P2(w), such that {6{'w, a, b), r') Hence for every r' £ T', there exists r <E T such that (r, r') e^. The 
other requirements of Definition [T] are trivially satisfied. Hence ^ is also a successor set simulation. 

- (Successor set simulation implies alternating simulation). Suppose ~ is a successor set simulation. Hence there 
exists a companion relation w-^C Succ(if') x Succ(iir) satisfying the requirements of Definition |2l We need 
to prove that ~ is also an alternating simulation. From Definition |2l for all (w,w') G~, for all a G Pi{w), 
there exists a' G P{{w') such that (Succ(w', a'), Succ(w, a)) G~"^. Now, for any b' G P2(w'), there exists 
r' G Succ{w' ,a'), such that r' = S' {w' ,a' ,b'). Since, (Succ(u'', a'), Succ(u). a)) G~"^, and r' G Succ(w',a'), 
there exists a r G Succ(?i;, a) and hence there exists b G P2{w) satisfying r — d{w, a, b), such that (r, r') G~, 
which is same as {S{w, a, b),6'{w' , a' , b')) G~. Hence ~ is also an alternating simulation. 

This completes the proof. I 

We will now present our iterative algorithm to compute ~*, and we will denote by ~^ the witness com- 
panion relation of ~*. Our algorithm will use the following graph construction: Given an ATS K, we will con- 
struct the graph Gk — {Vk,Ek) as follows: (1) Vk — W U Succ(_ftr), where W is the set of states; and 
(2)Ek = {(u;,Succ(w;,a)) | u; G A a G PiH} U {(T,r) | T G Succ(if ) A r G T}. The graph can be con- 
structed in time 0(|T4^p-|Ai|) using the binary tree data structure described earlier. Our algorithm will use the standard 
notation of Pre and Post: given a graph G = {V, E), for a set U of states, Post(C/) ~ {v \ 3u G U, {u, v) G E} is 
the set of successor states of U, and similarly, Pre{U) — {v \ 3u G U, {v, u) G E} is the set of predecessor states. If 
U = {q} is singleton, we will write Post((7) instead of Post({g}). Note that in the graph Gk for the state T G Succ(i^) 
we have Post(r) = {q \ q G T} = T . Given ATSs K and K' our algorithm will work simultaneously on the graphs 
Gk and Gk' using three data structures, namely, sim, count and remove for the relation ~* (resp. sim'^, count^ and 
remove'^ for the companion relation ~'^). The data structures are as follows: (1) Intuitively sim will be an overap- 
proximation of ~*, and will be maintained as a two-dimensional Boolean array so that whenever the i,j-th entry is 
false, then we have a witness that the j-th state Wj of K' does not simulate the i-th state Wi of K (similary we have 
sim'^ over Succ(i4r') and Succ(iir) for the relation ~"^). (2) The data structure count is two-dimensional array, such 
that for a state w' G W and T G Succ(iir) we have count(i(;', T) is the number of elements in the intersection of 
the successor states of w' and the set of all states that T simulates according to sim"^; and we also have similar array 
counf^ for T, w' elements. (3) Finally, the data structure remove is a list of sets, where for every w' G W we have 
remove(?i;') is a set such that every element of the set belongs to Succ(A'). Similarly for every T G Succ(/f ) we have 
remove'^(T) is a set of states. Intuitively the interpretation of remove data structure will be as follows: if T G Succ(i4r) 
belongs to remove(?i;'), then no element w of T is simulated by w' . Our algorithm will always maintain sim (resp. 
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Sim ) as overapproximation of ~ (resp. ~ ), and will iteratively prune them. Our algorithm is iterative and we denote 
by prevsim (resp. prevsim ) the sim (resp. sim ) of the previous iteration. To give an intuitive idea of the invariants 
maintained by the algorithm (Algorithm|2]i let us denote by sim(i(;) the set of w' such that sim(w, w') is true, and let us 
denote by invsim(w') the inverse of sim(w'), i.e., the set of states w such that [w^ w')-th element of sim is true (similar 
notation for invprevsim(?i;'), invsim'^(T) and invprevsim'^(r)). The algorithm will ensure the following invariants at 
different steps: 

1. Forw e iy,w' e W andT e Succ(A'),T' e Succ(X')' 

(a) if sim(i(j, w') is false, then (w, w') ^~*; 

(b) similai-ly, if sim-^(r', T) is false, then (T', T) (^^^ . 

2. For w' e W and T e Succ^X), 

(a) count(w',r) = |Post(w') n invsim'^(T)|; and 

(b) count(T,u>') = |Post(T) n invsim(u;')| = |r n invsim(w')| 

3. For w' e W and T e Succ(X), 

(a) remove(w') = Pre(invprevsim(t(;')) \ Pre(invsim(w')) 

(b) remove(T) = Pre(invprevsim'^(T)) \ Pre(invsim'5(T)). 

The algorithm has two phases: the initialization phase, where the data structures are initialized; and then a while 
loop. The while loop consists of two parts: one is pruning of sim and the other is the pruning of sim"^ and both the 
pruning steps are similar. The initialization phase initializes the data structures and is described in Steps 1, 2, and 3 of 
Algorithm|2] Then the algorithm calls the two pruning steps in a while loop. The condition of the while loop checks 
whether prevsim and sim are the same, and it is done in constant time by simply checking whether remove is empty. 
We now describe one of the pruning procedures and the other is similar. The pruning step is similar to the pruning step 
of the algorithm of f9l for simulation on transition systems. We describe the pruning procedure PruneSimStrSucc. 
For every state w' G W' such that the set remove(w') is non-empty, we run a for loop. In the for loop we first obtain 
the predecessors T' of w' in Gk' (each predecessor belongs to Succ(if )) and an element T from remove(w'). If 
sim'^(T', T) is true, then we do the following steps: (i) We set sim'^(r', T) to false, because we know that there does 
not exist any element w E T such that w' simulates w. (ii) Then for all s' that are predecessors of T' in Gk' we 
decrement count(s', T), and if the count is zero, then we add s' to the remove set of T. Finally we set the remove set 
of w' to 0. The description of PruneSimStr to prune sim is similar. 

Correctness. Our correctness proof will be in two steps. First we will show that invariant 1 (both about sim and sim'^) 
and invariant 2 (both about count and count^) are true at the beginning of step 4.1. The invariant 3. (a) (on remove) is 
true after the procedure call PruneSimStr (step 4.4) and invariant 3.(b) (on remove"^) is true after the procedure call 
PruneSimStrSucc (step 4.3). We will then argue that these invariants ensure correctness of the algorithm. 

Maintaining invariants. We first consider invaraint 1, and focus on invariant l.(b) (as the other case is symmetric). In 
procedure PruneSimStrSucc when we set sim'^(T', T) to false, we need to show that (T', T) The argument 
is as follows: when we set sim'^(T', T) to false, we know that since T G remove(?i;') we have counf^(T, w') — (i.e., 
Post(T) n invs\m{w') — 0). This implies that for every w G T we have that w' does not simulate w. Also note that 
since counf^ is never incremented, if it reaches zero, it remains zero. This proves the correctness of invariant 1 .(b) (and 
similar argument holds for invariant l.(a)). The correctness for invariant 2. (a) and 2.(b) is as follows: whenever we 
decrement count(s', T) we have set sim'^(r', T) to false, and T' was earlier both in Post(s') as well as in invsim'^(r), 
and is now removed from invsim'^(r). Hence from the set Post(s') n invsim'^(T) we remove the element T' and 
its cardinality decreases by 1. This establishes correctness of invariant 2. (a) (and invariant 2.(b) is similar). Finally 
we consider invariant 3. (a): when we add s' to remove'^ (T), then we know that count(s',r) was decremented to 
zero, which means T' belongs to invprevsim'^(T), but not to invsim'^(T). Thus s' belongs to Pre(invprevsim'^(r)) 
(since s' belongs to Pre(r')), but not to Pre(invsim'^(r)). This shows that s' belongs to remove'^ (T), and establishes 
correctness of the desired invariant (argument for invariant 3.(b) is similar). 

Invariants to correctness. The initialization part ensures that sim is an overapproximation of ~* and it follows from 
invariant 1 that the output is an overapproximation of ~*. Similarly we also have that sim'^ in the end is an overap- 
proximation of To complete the correctness proof, let sim and sim'^ be the result when the while loop iterations 
end. We will now show that sim and sim'^ are witness to satisfy successor set simulation. We know that when the 
algorithm terminates, remove(w') = for every w' E W, and remove"^ (T) = for every T S Succ(if) (this follows 
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Algorithm 2 Iterative Algorithm 



Input: K = {E,W,w,Ai,A2,Pi,P2,L,S),K' = {E,W',w',A\, A'^ ,Pi,Pi,L' ,S'). 
Output: 55*. 

1. Initialize sim and sim'^: 

1.1. for all w eW,w' e W 

prevsim(w, to') -f- true; 

if L{'w) = L' {w'), then sim(ui, w') trae; 

else sim(ui,u;') false; 

1.2. for all T e Succ{K) and T' G Succ(A") 

prevsim'^(T', T) = sim^(r', T) ^ trae; 

2. Initialize count and count^: 

2.1. for all w' e W' and T G Succ(7i') 

count(w',r) IPost(TO') n invsim^(T)l = |Post(TO')|; 
count^(T,TO') ^ |Post(T) n i nvsim(w')|; 

3. Initialize remove and remove^: 

3.1. for all w' G W 

remove(TO') Succ(ii') \ Pre(invsim(TO')); 

3.2. for all T G Succ(i4:) 

remove^ (T) 0; 
Pruning while loop: 

4. while prevsim 7^ sim 

4.1 prevsim sim; 

4.2 prevsim'^ ^ sim^; 

4.3 Procedure PruneSimStrSucc; 

4.4 Procedure PruneSimStr; 

5. return {(ui, w') G VK x VK' | sim(ui, w') is trae}; 



since sim = prevsim). To show that sim and sim'^ are witnesses to satisfy successor set simulation, we need to show 
the following two properties: (i) If sim(w, w') is true, then for every a e Pi{w), there exists a' G P[{w') such that 
sim'^(Succ(w', a'), Succ(?«, a)) is true, (ii) If sim'^(T',r) is true, then for every s' G T', there exists s ^ T such 
that sim(s, s') is true. The property (i) holds because for every a G Pi{w), we have that count(?i'', T) > 0, where 
T = Succ(?i;,a), (because otherwise, w' would have been inserted in remove(T), but since remove(T) is empty, 
consequently sim(i(;, w') must have been made false). Hence we have that Post(w') n invsim'^(r) is non-empty and 
hence there exists T' G Post(w') such that sim'^(r', T) is true. Similar argument works for (ii). Thus we have estab- 
lished that sim is both an overapproximation of ~* and also a witness successor set relation. Since ~* is the maximum 
successor set relation, it follows that Algorithm|2]correctly computes ~*=^aitsim (^*=^aitsim by Lemma]?]). 
Space complexity. We now argue that the space complexity of the iterative algorithm is superior as compared to the 
game based algorithm. We first show that the space taken by Algorithm]2]is 0(|iyp -1^11 + \W'\'^ ■ \A[ \ + \W\ ■ \W'\ ■ 
\Ai I • \ A'i\). For the iterative algorithm, the space requirements are, (i) sim and sim"^ require at most 0(| ■ \ W\) and 
0(|VK| • \W'\ ■ \Ai\ ■ \A'i\) space, respectively; (ii) count and counf^ require at most 0(|VF| • \W'\ ■ \Ai\) space each; 
(iii) remove and remove'^ maintained as an array of sets require at most 0(|M^| • \ W' \ ■ \ Ai |), space each. Also, for the 
construction of graphs Gk and Gk' using the binary tree data structure as described earlier, the space required is at 
most 0(|iyp-|yli|) and O (| M^' p • | A'j^ |) , respectively. As compared to the space requirement of the iterative algorithm, 
the game based algorithm requires to store the entire game graph and requires at least 0(| 14^ | • \ W'\ ■ \Ai \ ■ \A[ \ ■ lA^) 
space (to store edges in E^) as well as space 0(|Vl^p • \Ai \ + \W'\'^ ■ \ A[\) for the binary tree data structure. The 
iterative algorithm can be viewed as an efficient simultaneous pruning algorithm that does not explicitly construct the 
game graph (and thus saves at least a factor of jAj] in terms of space). We now show that the iterative algorithm along 
with being space efficient matches the time complexity of the game based algorithm. 

Tmie complexity. The data structures for sim (also sim"^) and count (also count^) are as described earlier We store 
remove and remove"^ as a list of lists (i.e., it is a list of sets, and sets are stored as lists). It is easy to verify that all 
the non-loop operations take unit cost, and thus for the time complexity, we need to estimate the number of times 
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Algorithm 3 Procedure PruneSimStrSucc 

1. forall w' G W' such that remove (to') / 

1.1. forall T' G Pre(w') and T G remove(TO') 
1.1.1 if (sim^(T',r)) 

sinT^'(r',r) ^ false; 
l.l.l.A. forall {a' G Pre(T')) 

count(s', T) ^ count(s', T) - 1; 

if (count(s',T) = ) 

remove*' (T) ^ remove*' (T) U {s'}; 

1.2. remove(TO') 0; 



Algorithm 4 Procedure PruneSimStr 

1. forall T G Succ(A') such that remove*" (T) / 

1.1. forall w G Pre(T) and w' G remove* (T) 
1.1.1 \i{s\m{w,w')) 

sim(TO, w') false; 
l.l.l.A. forall {D G Pre(TO)) 

count*(Z),ui') count*(Z), w') - 1; 

if (count* (D, to') = ) 

remove(it;') ^ remove(ix;') U {D}; 

1.2. remove* (T) ^ 0; 



the different loops could run. Also the analysis of the initialization steps are straight forward, and we present the 
analysis of the loops below: (1) The while loop (Step 4) of Algorithm |2] can run for at most \W\ ■ \W'\ iterations 
because in every iteration (except the last iteration) at least one entry of sim changes from true to false (otherwise 
the iteration stops), and sim has \W\ ■ |M^'|-entries. (2) The forall loop (Step 1) in Algorithm[3]can overall run for at 
most \W'\ ■ \ W\ ■ \Ai \ iterations. This is because elements of remove(w') are from Succ(/f) and elements T from 
Succ{K) are included in remove(w') at most once (when counf^(r, w') is set to zero, and once counf^(T, w') is set 
to zero, it remains zero). Thus remove(?i'') can be non-empty at most |Succ(i^)| times, and hence the loop runs at 
most \W\ ■ \Ai\ times for states w' € W'. (3) The forall loop (Step 1.1) in Algorithm [3] can overall run for at most 
|V1^'| • ■ 1^2! • 1^1 • l^il iterations. The reasoning is as follows: for every edge {T',w') G Gk' and T G Succ(iir) 
the loop runs at most once (since every T is included in remove(?i'') at most once). Hence the number of times the 
loop runs is at most the number of edges in Gk' (at most \W'\ ■ \A[\ ■ | | ) times the number of elements in Succ(ii') 
(at most \W\ ■ \Ai\). Thus overall the number of iterations of Step 1.1 of Algorithm[3]is at most \W'\ ■ \A[\ ■ \W\ ■ \Ai\. 
(4) The forall loop (Step l.l.l.A) in Algorithm[3]can overall run for at most \W'\ ■ \A[\ ■ l^jl ' l^^l ' l^il iterations 
because every edge (s', T') in Gk' would be iterated at most once for every T G Succ(iir) (as for every T, T' we 
set sim'^(T, T') false at most once, and the loop gets executed when such an entry is set to false). The analysis of the 
following items (5), (6), and (7), are similar to (2), (3), and (4), respectively. (5) The forall loop (Step 1) in Algorithm|4] 
can overall run for at most \W\ ■ \ Ai \ ■ \W'\ iterations, because remove'^ (T) can be non-empty at most \W'\ times 
(i.e., the number of different T is at most |Succ(ii:)| = \W\ ■ \Ai\). (6) The forall loop (Step 1.1) in Algorithm|4]can 
overall run for at most \W\ ■ \ Ai \ ■ \ A2 \ ■ \ W'\ iterations because every edge (w, T) in Gk can be iterated over at most 
once for every w' (the number of edges in Gk is \W\ ■ \Ai\ ■ \A2\ and number of w' is at most |Vt^'|). (7) The forall 
loop (Step l.l.l.A) in Algorithm |4] can overall run for at most \W\ ■ \Ai\ ■ \A2\ ■ \W'\ iterations because every edge 
{w, D) in Gk would be iterated over at most once for every w' G W. Adding the above terms, we get that the total 
time complexity is 0(|M^| • \W\ ■ \Ai\ ■ {\A[\ ■ {Ai^l + 1^21)). i-e-> the time complexity matches the time complexity 
of the game reduction based algorithm. We also tabulate our analysis in Table [T] We also remark that for transition 
systems (TSs), the procedure PruneSimStrSucc coincides with PruneSimStr and our algorithm simplifies to the 
algorithm of (|9|, and thus matches the complexity of computing simulation for TSs. 
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Step 


Complexity 


Justification 


while loop (Step 4 of Algorithm|2} 


o(\w\ ■ \W'\) 

^ \ 1 ' ' 1 1 ' ' 1 / 


all (except the last) iteration changes at least one of 
the \ W\ ■ |W'i -entries of sim from true to false 


forall loop (Step 1 of Algorithm^ 


Oi\W'\ ■ \W\ ■ \Ai\) 


remove(w') can be non-empty only 

Siirr^/^^l timp*; for paph ?*/ \A/^ 


forall loop (Step 1.1 of Algorithm^ 


0(|Succ(7^)|.r'|.K|-|^2l) 


every edge in Gk' can be iterated at most once 
for each T in Succ(_?('), and number of edges 
in Gk' is \W'\ ■ lA'il ■ \A'2\ 


forall loop (Step 1.1.1. A of Algorithm^ 


o(|Succ(i^)|.|iy'|.KI-l^2|) 


every edge in Gk' can be iterated at most once 
for each T in S\icz{K), and number of edges 
in Gk' is IVK'j ■ l^il • 1^2! 


forall loop (Step 1 of Algorithm|4ll 


0{\W'\ ■ \W\ ■ \Ai\) 


remove* (r) can be non-empty only 
\W'\ times, for each T G Succ(A') 


forall loop (Step 1.1 of Algorithm|4li 


0{\W'\-\W\-\A^\-\A2\) 


every edge in Gk can be iterated at most once 
for each w' inW' , and number of edges 
in Gk is \W\ ■ \A^\ ■ IA2I 


forall loop (Step 1.1.1. A of Algorithm|4ll 


0{\W'\-\W\-\A^\-\A,\) 


every edge in Gk can be iterated at most once 
for each w' inW' , and number of edges 
in Gkk \W\ ■\Ai\- \A2\ 



Table 1. Loop- wise complexity 



Theorem 6. Algorithm^correctly computes ^aitsim in time 0{\W\ ■ \W'\ ■\Ai\- • jyl!,! + IA2I) + \Wf -1^11 + 

|iy'|2 . 



5 Conclusion 

In this work we presented faster algorithms for alternating simulation and alternating fair simulation which are core 
algorithmic problems in analysis of composite and open reactive systems, as well as state space reduction for graph 
games (that has deep connection with automata theory and logic). Moreover, our algorithms are obtained as efficient 
reductions to graph games with reachability and parity objectives with three priorities, and efficient implementations 
exist for all these problems (for example, see 1 13 1 for implementation of games with reachability and parity objectives, 
and Is] for specialized implementation of games with parity objectives with three priorities). 
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Technical Details Appendix 



6 Fair Alternating Simulation 

We now present the reduction to parity games with three priorities for the special case of fair simulation. Given the 
fair TSs /C = {K, F) and IC' = {!<', F'), we construct the game graph G = {{V, E), {Vi , V2)) is as follows: 

- Player 1 vertices: Vi = {{w,w') | u; G VF, £ W',L[w) = L'{w')} U {©}. 

- Player 2 vertices: V2^{W xW x {$}) 

- Edges: The edge set E is as follows: 

E = {((^1,^2) , (w'l, W2,S}) I (wi, W2) e Vi, (wi,w[) e R} 

u{(K,«;2,S},K,^)) I K,u;2,$) gT/2,K,^) eFi} 

\j{{{w[,W2,%),©) I K,u;2,$) e ^^2,V^ if (u;2,u'2) ei?', then K,^) ^ Fi} 
U{(©,©)} 

The three-priority parity objective <P* for player 2 with the priority function p is specified as follows: for vertices 
V & {W X F')r\ Vi we have p{v) = 0; for vertices v G {{F xW'\WxF')r\Vi)iJ {©} we have p{v) = 1; and all 
other vertices have priority 2. Also without loss of generality we assume that for every w there exists a fair run 
from w. The specialization of Proposition [T| gives us the following proposition. 

Propositions. LefWin2 — {(wi,W2) \ {wi,W2) G Vi, {wi,W2) G W2{'P*),i.e., there is a winning state for player 2}. 
Then we have Win2 =^fair- 

Lemma 5. For the game graph constructed for fair simulation we have l^i] + IV2I < 0(|VF| • and \E\ < 

Oi\W\ ■ \R'\ + \W'\ ■ \R\). 

Proof We have \Vi\ < \V2\ + 1 = \W\- \W'\ + 1 = 0{\W\ ■ | VF' | ) . We have 

\E\ <l + 2-\W\-\W'\+ J2 deg(u;)+^ ^ deg(u;') < 1 + 2 • |W^| • | W^'| + 1 W^T 1-^1 + l^^l • l-R'l, 

L[w)=L'{w') 

where deg(u') (resp. deg(z/;')) denotes the number of outedges (or out-degree) of w (resp. w'). The result follows. I 

The reduction and the results to solve parity games with three priorities establish that ^fair can be computed in 
timeO(|M^| • \W'\ ■ {\W\ ■ \R'\ + \W'\ ■ |i?|)). This completes the last item of Theoremg] 

7 Alternating Simulation 

7.1 Improved Algorithm Through Games 

In this section we consider the speciahzation of the alternating simulation algorithm for TS. Since we have already 
established in Section|4T|that the game graph construction complexity is linear in the size of the game graph, we only 
need to estimate the size of the vertex set and the edge set for TS. 

Lemma 6. For the game graph constructed for alternating simulation for TS, we have \ Vi \ + IV2I < 0(|VF| • \ W'\ ■ 
\Ai\ ■ \A[\) and \E\ < 0{\W\ ■ \W'\ ■ i\A,\ + \A[\)). 

Proof. Note that the size of the vertex set is bounded by the same quantity as for the general case for ATS, and thus 
the vertex size bound is trivial. We now consider the case for edges. First observe that since \ A2\ = 1, it follows that 
Succ{K) < \W\ as every Succ((i(;, a)) is singleton (i.e., a state), and hence Succ(iir) has at most \W\ elements and 
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each element is a singleton state. Similarly we have 5ucc{K') < \W'\. We have \E\ = \Ei \ + \E2 \ + \E-s\ + {E^l, and 
we obtain bounds for them below: 

l^il= E E \PiM\<\W'\-\W\-\A^\ 

\E2\= E - ■ i^'i ■ i^ii - 1^1 • i^'i • 1^1 

TeSucc{K) w'eW 

l^3l= E E |r'|<|Succ(AO|-|Succ(i^')l<n-|W^'l 

TeSucc(_ff) T'eSuizc{K') 

= E E \T\<\W'\-\Succ{K)\<\W'\-\W\ 

r'eW TeSucc(K) 

where in the bound for £'3 we used \T'\ < \A2 \ = 1 and in the bound for E4 we used |T| < \A2 \ — 1. It follows that 
\E\ < 0{\W\ ■ \W'\ ■ (I All + \ A[\)). and the desired result follows. I 

Since \R\ = \W\ ■ \Ai\ and |i?'| = \W'\ ■ | A'^ | , we obtain the last resuh of Theorem|5] 
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